A packaging error has exposed the internal source code for Anthropic's Claude Code, handing competitors a blueprint for one of AI's most commercially successful products. The 59.8 MB JavaScript source map file included in version 2.1.88 contained unobfuscated TypeScript source code intended only for internal debugging. Security researcher Chaofan Shou discovered the exposure Tuesday morning, with an X post about the leak amassing more than 21 million views by 4:23 a.m. ET.
"This was a release packaging issue caused by human error, not a security breach," an Anthropic spokesperson confirmed. "We're rolling out measures to prevent this from happening again."
The company emphasized that no sensitive customer data or credentials were exposed. The leak provides direct access to Claude Code's agentic harness architecture, including its tiered memory structures and 2,500+ lines of bash validation logic. Competitors from established giants to nimble startups like Cursor can now study how Anthropic built what has become a $2.5 billion annual recurring revenue product.
Internal codenames and performance metrics surfaced in the exposed code reveal Anthropic's development roadmap. Capybara serves as the internal designation for a Claude 4.6 variant, with Fennec mapping to Opus 4.6 and Numbat still in testing phases.
Technical documentation shows Claude Code suffers from a 29-30% false claims rate in version eight, representing regression from the 16.7% rate observed in version four. The code also implements "Strict Write Discipline" protocols that prevent model names like "Tengu" or "Capybara" from leaking into public git logs during AI-assisted development.
This marks Anthropic's second major security lapse within days, following last week's exposure of nearly 3,000 internal files detailing the powerful Mythos model (also known internally as Capybara). That earlier leak revealed sensitive technical specifications about computational demands and cybersecurity capabilities.
Market data indicates Claude Code's revenue has more than doubled since the beginning of 2026, with enterprise adoption accounting for 80% of its income stream. The product represents a critical component of Anthropic's reported $19 billion annualized revenue run-rate as of March 2026.
The exposed source includes functionality allowing Claude Code to operate as an always-on background agent and make "stealth" contributions to public open-source repositories without attribution. One instruction embedded in the code warns: "You are operating UNDERCOVER... Your commit messages... MUST NOT contain ANY Anthropic-internal information."
Anthropic previously experienced similar exposure in February 2025 when an early version of Claude Code accidentally revealed its original codebase.
